Daily NCSC-FI news followup 2020-08-29

Emotet malware’s new ‘Red Dawn’ attachment is just as dangerous

www.bleepingcomputer.com/news/security/emotet-malwares-new-red-dawn-attachment-is-just-as-dangerous/ The Emotet botnet has begun to use a new template for their malicious attachments, and it is just as dangerous as ever. After a five-month “vacation,” the Emotet malware returned in July 2020 and began to spew massive amounts of malicious spam worldwide. These spam campaigns pretend to be invoices, shipping information, COVID-19 information, resumes, financial documents, or scanned documents. When opened, these attachments will prompt a user to ‘Enable Content’ so that malicious macros will run to install the Emotet malware on a victim’s computer. Emotet is considered the most widely spread malware targeting users today. It is also particularly harmful as it will install other dangerous malware such as Trickbot and QBot onto a victim’s computer. Due to this, it is vital to recognize the malicious document templates used by Emotet so that you do not accidentally become infected.

Threat Actor Profile: TA2719 Uses Colorful Lures to Deliver RATs in Local Languages

www.proofpoint.com/us/blog/threat-insight/threat-actor-profile-ta2719-uses-colorful-lures-deliver-rats-local-languages In late March 2020, Proofpoint researchers began tracking a new actor with a penchant for using NanoCore and later AsyncRAT, popular commodity remote access trojans (RATs). Dubbed TA2719 by Proofpoint, the actor uses localized lures with colorful images that impersonate local banks, law enforcement, and shipping services. To date, Proofpoint has observed this actor send low volume campaigns to recipients in Austria, Chile, Greece, Hungary, Italy, North Macedonia, Netherlands, Spain, Sweden, Taiwan, United States, and Uruguay.

Viral pro-Trump tweets came from fake African American spam accounts, Twitter says

www.nbcnews.com/tech/security/viral-pro-trump-tweets-came-fake-african-american-spam-accounts-n1238553 Twitter has taken action to stop a spam operation that pushed messages from fake accounts about Black people abandoning the Democratic Party. Disinformation experts and national security agencies are gearing up for the election, anticipating that social media platforms will continue to be central to foreign and domestic efforts to mislead voters.

5G Mobile Network Security: U.S. Government’s Strategy

www.msspalert.com/cybersecurity-news/5g-doh-strategy/ The Department of Homeland Security’s cyber wing has released a five point plan to safeguard the nation’s budding 5G mobile network infrastructure against cyber threats.

‘Instagram Help Center’ Phishing Scam Pilfers Credentials

threatpost.com/instagram-help-center-phishing-scam-pilfers-credentials/158777/ Turkish-speaking cybercriminals are sending Instagram users seemingly legitimate messages from the social media company, with the aim of stealing their Instagram and email credentials. Researchers said that the campaign has been targeting hundreds of celebrities, startup business owners, and other entities with sizeable followings on Instagram.

How to securely erase your computer's data before selling it: 4 options

www.tivi.fi/uutiset/tv/1361f684-1d3f-4d93-ac2f-0fcce2c32a13 What should you do when you need to get rid of an old computer safely? Since IT equipment should be recycled, the next stop is either selling the machine second-hand or taking it to a collection point for waste electrical and electronic equipment. In both cases, all data on the machine should be erased first.

Security risks, collection of data about users… 10 topical questions about the Koronavilkku app

www.is.fi/digitoday/art-2000006617973.html The purpose of the app is to help break chains of infection and to give people more ways to look after their health. The app is based on entirely voluntary use, but the more people use it, the more effective it is.

New Zealand bourse resumes trade after cyber attacks, government activates security systems

www.reuters.com/article/uk-nzx-cyber/new-zealand-bourse-resumes-trade-after-cyber-attacks-government-activates-security-systems-idUSKBN25O03Q New Zealand’s stock exchange resumed trading on Friday, after facing disruptions for four consecutive days in the wake of cyber attacks this week, while the government said national security systems had been activated to support the bourse. Finance Minister Grant Robertson said the Government Communications Security Bureau and the national agency fighting cyber crime had been called in to help the bourse. “I can’t go into much more in terms of specific details other than to say that we as a government are treating this very seriously,” Robertson said in a media briefing in Wellington. There is no clarity on who was behind these two “offshore” attacks, but the failure to stop them has raised questions about New Zealand’s security systems, experts said.
